Updating via OTA from non-encrypted to encrypted version
Posted: Mon Mar 21, 2022 8:50 am
Hi,
the initial versions of my firmware were released without flash encryption. Now we have decided to enable encryption due to obvious reasons and the whole procedure is working fine (Using ESP32 generated keys). However, a clear limitation I have detected is that a device running a non-encrypted version can not be updated via OTA to an encrypted version. I have not been able to check this is depth yet but I understand the bootloader was not initially compiled with flash encryption enabled and therefore it just does not work. Am I right? Is there any way to overcome this limitation? Thanks
the initial versions of my firmware were released without flash encryption. Now we have decided to enable encryption due to obvious reasons and the whole procedure is working fine (Using ESP32 generated keys). However, a clear limitation I have detected is that a device running a non-encrypted version can not be updated via OTA to an encrypted version. I have not been able to check this is depth yet but I understand the bootloader was not initially compiled with flash encryption enabled and therefore it just does not work. Am I right? Is there any way to overcome this limitation? Thanks